security key-manager external aws show
Display AWS KMS configuration
Availability: This command is available to cluster and Vserver administrators at the admin privilege level.
Description
This command displays the Amazon Web Service Key Management Service (AWSKMS) configuration for a given Vserver.
Parameters
- {
[-fields <fieldname>,…]
-
If you specify the
-fields <fieldname>, …
parameter, the command output also includes the specified field or fields. You can use '-fields ?' to display the fields to specify. - |
[-instance ]
} -
If you specify the
-instance
parameter, the command displays detailed information about all fields. [-vserver <Vserver Name>]
- Vserver-
If you specify this parameter, then the command displays only the AWSKMS configuration for the given Vserver.
[-region <text>]
- AWS KMS Region-
If you specify this parameter, then the command displays only the AWSKMS configuration with the given region.
[-key-id <text>]
- AWS Key ID-
If you specify this parameter, then the command displays only the AWSKMS configuration with the given key-id.
[-access-key-id <text>]
- AWS Access Key ID-
If you specify this parameter, then the command displays only the AWSKMS configuration with the given access key ID.
[-service <text>]
- AWS Service Type-
If you specify this parameter, then the command displays only the AWSKMS configurations with the given AWS service type.
[-default-domain <text>]
- AWS KMS Default Domain-
If you specify this parameter, then the command displays only the AWSKMS configurations with the given AWS KMS default domain.
[-state {available|not-responding|unknown}]
- AWS KMS Cluster State-
If you specify this parameter, then the command displays only the AWSKMS configurations with the given state. The state can be either available or unknown.
[-unavailable-nodes <text>]
- Names of Unavailable Nodes-
If you specify this parameter, then the command displays only the AWSKMS configurations with the given unavailable-nodes.
[-polling-period <integer>]
- Polling period (in minutes)-
If you specify this parameter, then the command displays only the AWSKMS configurations with the given polling period.
[-port <integer>]
- AWS KMS Port-
If you specify this parameter, then the command displays only the AWSKMS configurations with the given AWS KMS port.
[-verify {true|false}]
- Verify the AWS KMS Host-
If you specify this parameter, then the command displays only the AWSKMS configurations with the given value of the verify flag.
[-verify-host {true|false}]
- Verify the AWS KMS Host's Hostname-
If you specify this parameter, then the command displays only the AWSKMS configurations with the given value of the verify-host flag.
[-verify-ip {true|false}]
- Verify the AWS KMS Host's IP-
If you specify this parameter, then the command displays only the AWSKMS configurations with the given value of the verify-ip flag.
[-host <text>]
- AWS KMS Host Name-
If you specify this parameter, then the command displays only the AWSKMS configurations with the given AWS KMS host name.
[-encryption-context <text>]
- Additional Layer of Authentication and Logging-
If you specify this parameter, then the command displays only the AWSKMS configurations with the given value of the AWS encryption-context. The parameter should be in JSON format.
Examples
The following example lists all AWSKMS configurations.
cluster-1::>security key-manager external aws show Vserver: SAMPLE_VSERVER Region: SAMPLE_NA_REGION Access Key Id State ------------------------------------------ ------- SAMPLE_ACCESS_KEY_ID unknown SAMPLE_ACCESS_KEY_ID_2 unknown Unavailable Nodes: node1
The following example lists the AWSKMS configurations that have the given encryption context of "{"team": "NVEsecurity"}".
cluster-1::>security key-manager external aws show -encryption-context {"team": "NVEsecurity"} Vserver: SAMPLE_VSERVER Region: SAMPLE_NA_REGION Access Key Id State ------------------------------------------ ------- SAMPLE_ACCESS_KEY_ID unknown Unavailable Nodes: node1